A complete broadcast, cable ranker of the top-rated/most-watched channels of the year, including winners and losers.

Abstract: The large amount of third-party packages available in fast-moving software ecosystems, such as Node.js/npm, enables attackers to compromise applications by pushing malicious updates to their ...

Shai Hulud is a malware campaign first observed in September targeting the JavaScript ecosystem that focuses on supply chain ...

Malicious npm package posing as a WhatsApp Web API library operated for months as a functional dependency while stealing ...

WhatsApp Web users are at risk from a malicious software package that can secretly spy on accounts, potentially giving hackers long-term access.

Security analysts have uncovered a large-scale phishing operation utilising 175 npm packages as infrastructure to redirect victims to credential-harvesting sites. The packages, collectively downloaded ...

Morocco officially inaugurated today the permanent secretariat of the African Network of National Preventive Mechanisms at the headquarters of the National Human Rights Council (CNDH), marking a major ...

The Tea Protocol was founded by Max Howell, who created open source package manager Homebrew, and Lewis, who established ...

Popular blockchain network Solana (SOL) has been under what has been identified as the fourth-largest distributed ...

A spate of supply chain attacks forces GitHub’s npm to revoke ‘classic’ tokens. Despite this, larger worries about developer account security remain. GitHub has this week implemented the final part of ...

North Korea's 'Contagious Interview' campaign to target job seekers has expanded yet again, this time with a persistent npm package-poisoning game that runs like a well-oiled machine. Threat actors ...

A new malware campaign built around seven npm packages has been uncovered by cybersecurity experts. The campaign, observed by the Socket Threat Research Team, is operated by a threat actor known as ...